username and password verification servlet
Hi.
I have developed a servlet for the verification for the user name and password. I am using Tomcat 6.0.13. The servlet compiles but gives unexpected results.
I used MS Access for the database. There are 2 text fields by the name 'username' and 'password'. I have created the dsn and the db and dsn work fine with a simple java console program(where i used the 'select * from login' statement to list all the username and password pairs. It works fine however when i made a servlet and used the same dsn, it is not able to match the entered password with the stored password. I even printed the entered and the stored passwords using the servlet's printwriter, both are identical however stiil the login fails.
Please help me out . I am giving the servlet's code below:
import java.io.*;
import java.sql.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class LoginAuth extends HttpServlet
{
public void doPost(HttpServletRequest req, HttpServletResponse res)throws ServletException,IOException
{
String req_username,req_password;
String password="admin";
Boolean auth=false;
res.setContentType("text/html");
req_username = req.getParameter("uname");
req_password = req.getParameter("pword");
PrintWriter out = res.getWriter();
try
{
Class.forName("sun.jdbc.odbc.JdbcOdbcDriver");
Connection con = DriverManager.getConnection("jdbc:odbc:mydsn");
Statement st = con.createStatement();
ResultSet rs = st.executeQuery("select password from login WHERE username = '" + req_username + "'");
if(req_password == rs.getString(""password"))
{
auth = true;
}
con.close();
}
catch(Exception e)
{}
out.println("<html><body>");
if(auth)
{
out.println("Hello" + req_username);
}
else
{
out.println("Unauthenticated");
}
out.println("</body></html>");
}
}
